On Wed, Oct 11, 2006 at 07:44:11PM +0100, Malcolm Rowe wrote:
> On Wed, Oct 11, 2006 at 09:07:19PM +0300, Vlad Georgescu wrote:
> > - the SASL anonymous plugin doesn't have anything to do with the
> > internal anonymous/cram-md5 auth; it's just a simple implementation of
> > the SASL plugin API; in fact, the old code (located in
> > libsvn_ra_svn/simple_auth.c) isn't even compiled when SASL is
> > detected; both simple_auth.c and sasl_auth.c implement the function
> > svn_ra_svn__do_auth, but in different ways.
> >
>
> Okay. So, sorry if this is a stupid question, but is it therefore not
> possible to compile a SASL-enabled svnserve and point it at a regular
> svnserve password file using svnserve.conf?
>
That seems to be completely incorrect. Sorry for the noise.
Yes, there is an (entirely undocumented; could we fix that?) config
option in the repository's config file to enable SASL for the server
process.
What's happening in _my_ case is that my SASL-aware-but-not-enabled
svnserve is offering up ANONYMOUS, but my SASL-aware svn client is
unable to handle it. The assumption, I guess, is that the SASL library
will _always_ be able to negotiate ANONYMOUS and CRAM-MD5, the
mechanisms that a non-SASL-enabled server returns.
(Incidentally, if I do set up a password file on svnserve, the client
works, because it authenticates via the CRAM-MD5 mech).
Regards,
Malcolm
- application/pgp-signature attachment: stored
Received on Wed Oct 11 21:22:54 2006